public inbox for [email protected]
help / color / mirror / Atom feedFrom: Dominique Devienne <[email protected]>
To: David G. Johnston <[email protected]>
Cc: [email protected] <[email protected]>
Subject: Re: current_role of caller of a DEFINER function
Date: Wed, 26 Jun 2024 14:58:44 +0200
Message-ID: <CAFCRh-__EGUUezjcSNqEJOmr68dKdBMS3hcxqUw8x-ory_NeJA@mail.gmail.com> (raw)
In-Reply-To: <CAKFQuwbnK-gEL=LrtMpkvGGSHCdwhSvDgcJCu6QNj-6rquGRtQ@mail.gmail.com>
References: <CAFCRh--0j77ueun+Ak0vRe_vi__Jks_HZjD9QbD+THR8gAWvRQ@mail.gmail.com>
<CAKFQuwbnK-gEL=LrtMpkvGGSHCdwhSvDgcJCu6QNj-6rquGRtQ@mail.gmail.com>
On Wed, Jun 26, 2024 at 2:42 PM David G. Johnston
<[email protected]> wrote:
> On Wednesday, June 26, 2024, Dominique Devienne <[email protected]> wrote:
>> Only session_user
>> is representative of the caller, and reliable (modulo SUPERUSER and
>> SET AUTHORIZATION, but that's a different story and kinda normal)
>
> Why can you not use session_user then?
Hi. As I already wrote above, the current_role matters in our security model.
The LOGIN user (i.e. session_user) is used only for authentication to
the DB and to connect.
All other security concerns are on other app-maintained (NOLOGIN)
roles, used for authorization. --DD
view thread (3+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: current_role of caller of a DEFINER function
In-Reply-To: <CAFCRh-__EGUUezjcSNqEJOmr68dKdBMS3hcxqUw8x-ory_NeJA@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox